Solved

Securing Remote Computers Accessing Office Computers Via Remote Web Workplace

Posted on 2012-03-12
3
954 Views
Last Modified: 2012-03-13
I have a client with a Windows SBS 2008 server that is providing access to the office computers, for those who have a computer in the office, and to the Windows 2008 Terminal Server, for those who do not have a computer in the office.

Some people have company laptops that they take home, some people work on compnay desktops at remote offices and some people work from home using their personal computers.

I am worried about the people working from home using their personal computers. My concern is that they can have or they could get a key logger malware app on their home computers that reports back the Remote Web Workplace URL, their usernames and their passwords. The Remote Web Workplace URL and the user’s login info would give the malware writer/operator access to the company’s data, not unlike how bank accounts and online gaming accounts often get cracked.

I am looking for a solution to secure access to the office network via Remote Web Workplace in such a way that I do not have to install any software on the home user’s personal computers.
0
Comment
Question by:wmtrader
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 25

Accepted Solution

by:
Tony Johncock earned 500 total points
ID: 37708950
The simplest solution here I think would be two-factor authentication.

This gives your users a token of some kind and is based around something that they know (their password and maybe a PIN they append to their token code) and something they have - i.e. a physical token of some kind.

There are physical solutions, such as the SafeWord products (I've had a preference for these over the years, as they tend to be cheaper than say RSA, don't die like some [some have a 'death date' after whichthey stop functioning] and can be more easily integrated into the infrastructure for just some users).

Other alternatives include SMS based options whereby a one time use code is sent to a users registered mobile phone.

Either kind of mechanism will negate keyloggers' because the end point log won't include anything useful about the 2nd one-time-use factor.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 37711964
I agree that two-factor authentication would mitigate your concern. However, many two-factor mechanisms don't work well with RWW because of how that feature is designed, I recommend RWWGuard from Scorpionsoft.  Written by a Microsoft Security MVP, designed for RWW/RWA, and a large SBS support base, it has a lot of traction in the marketplace.

-Cliff
0
 

Author Closing Comment

by:wmtrader
ID: 37714144
I went with the two-factor authentication and I found 2 solutions that work with Win SBS 2011 RWW that I'll be testing, SafeWord from SafeNet Inc and AuthAnvil from Scorpion Software.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Read about achieving the basic levels of HRIS security in the workplace.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question